Update: Obama's NSA proposals underscore reform challenges

Advocates and opponents of reform have plenty to complain about with the proposed changes, observers say

1 2 Page 2
Page 2 of 2

The changes "will leave everyone a little dissatisfied, which means [Obama] got it about right," said James Lewis, senior fellow and director at the Center for Strategic and International Studies (CSIS).

Lewis, who was part of a team that provided a set of cybersecurity recommendations to the Obama transition team during his first term, said the proposals are balanced and reflect the realities of trying to balance national security needs with privacy concerns. The proposals show a pragmatic level of support for privacy needs while also ensuring that counterterrorism efforts are not held to higher judicial standards than other crimefighting efforts, he said.

Greg Nojeim, senior counsel for the Center for Democracy and Technology in Washington, said the President's proposals address some issues while leaving many others untouched.

"There were some important statements ... but there wasn't meat on the bones," he said.

For example, Obama's move to end the NSA's bulk phone records collection program is a positive step. "But he left open the question of what would replace it," Nojeim said.

Obama has made clear that he agrees with the NSA's assessment about the need to collect the metadata. The only real question is about who should hold that data and how it should be queried. The proposed reforms do not offer a clear picture about how those details will be worked out, he said.

The President's proposal to amend how the FBI uses National Security Letters (NSL) to get companies to provide information is welcome because it promises more transparency over the use of such letters, Nojeim said. Even so, the proposal falls short because the FBI will still not required to obtain judicial review before issuing NSLs.

"It was also disappointing that the speech didn't address key Interent security and encryption issues," he said. "The NSA has done a lot to undermine communication security...but the President didn't say anything about that."

Others, though, see some of the measures as potentially worrisome for the NSA and other intelligence agencies. And some feel that the idea of having a third-party hold metadata for the NSA could be difficult to implement.

Obama himself alluded to some of the legal ambiguities and cost issues that could arise from having a third party maintain a single consolidated database of phone record information. Forcing phone companies to hold the data could also be problematic for the same reasons.

Ending the metadata program as it now stands may be the "right political move for public purposes," said Scott Vernick, an attorney at Fox Rothschild in Philadelphia who specializes in online privacy and rights issues. "But it could put our country in a more vulnerable position," by making it more difficult for the NSA to access the data.

"By punting the decision to Congress about whether the data should instead be held by telecommunications companies or transferred to a third party, it will effectively keep the current aspects of the program running until a ruling is made," Vernick said.

This article, Obama's NSA proposals underscore reform challenges, was originally published at Computerworld.com.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

See more by Jaikumar Vijayan on Computerworld.com.

Copyright © 2014 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon